Public Knowledge Demands FTC, FCC Get Off Privacy Sidelines and Enforce Existing Law

Yesterday, reports surfaced that Voipo, a California voice-over-internet-protocol (VOIP) provider, exposed millions of consumer call logs and text messages stored on an “improperly secured” ElasticSearch database for several months before security researcher Justin Paine located them. According to Mr. Paine, many of the files contained detailed customer call records, including time and date. Public Knowledge demands that Federal Communications Commission Chairman Pai enforce existing Customer Proprietary Network Information (CPNI) rules that protect the privacy of information related to telephone calls. The CPNI rules apply to both facility-based VOIP providers as well as to traditional telephone providers.

The following can be attributed to Harold Feld, Senior Vice President at Public Knowledge:

“To counteract nearly two years of consistent ringing of the dinner bell for carriers to exploit our personal information, Chairman Pai must move immediately to make clear that the agency will enforce its rules and hold companies that fail to adequately protect call records accountable. Failure to do so will make it clear to carriers, Congress and consumers that the supposed ‘cop on the beat’ is asleep at the wheel.

“Chairman Pai should cooperate with Congressman Pallone and explain to the new House Energy and Commerce Committee what is it that the FCC is doing to protect the privacy of phone subscribers, as required by law. We call on the FTC and the FCC to work together to protect subscriber privacy, rather than standing on the sideline passing responsibility from one to the other.”